The Employers Code of Practice

The Information Commission publishes full legal guidelines on the employee’s right to privacy. This summary covers best practice guidelines for recruiting monitoring, and keeping information on employees.

Recruiting Fairly

Recruitment demands the supply of a certain amount of personal information, which could cause applicants to become vulnerable in the case of misuse. The Information Commission offers guidelines designed to protect the applicants’ privacy. In accordance with the Data Protection Act and the Human Rights Act, during any recruitment process;

Employers must:

• Identify the organisation to potential applicants in any advertising material

• Tell applicants for what purpose their information will be used

• Explain how information might be verified (i.e. police checks etc).

Employers must not:

• Request any information that is unnecessary for the purpose of recruiting for the job (such as criminal offences)

• Pass on any information without the applicants’ consent

• Hold on to information after the recruitment drive is finished, without good cause.

Keeping Employee Records

It is perfectly acceptable to maintain detailed records on staff, as long as the information has been freely provided (and not covertly obtained). The Information Commission’s guidelines on staff records include the following clauses:

• Staff must be made aware of any information which is held about them.

• Information which has no business purpose must not be held.

• Make sure office staff are aware of the guidelines for keeping records and that they do not disclose personal data to anyone who is unverified.

• Keep the information physically secure, using lock and key or computer passwords.

• Any medical or personal information should only be gathered when absolutely necessary, to fulfil a specific purpose, which should be made clear to employees.

• This purpose could include: a survey for the benefit of employees; health and safety policy decision-making; preventing discrimination.

• Once created, medical records should be kept separately from less personal information and not made available.

• When you no longer need to keep an employee record, dispose of it securely.

• Employers are permitted to test their staff for drugs and alcohol, but there should be a specific purpose, and tests should be carried out in a fair, unobtrusive, and open manner.

Monitoring Employees

As an employer, you are permitted to monitor employees, provided you make your intentions clear and that you have good cause to do this. Generally, you should adhere to the following guidelines:

• Monitoring in the workplace has been shown to negatively impact on employees. Any monitoring carried out by an employer should be proportionate to the necessity (it should be undertaken with good cause).

• When you begin monitoring staff, inform them of your policy, including what is and is not acceptable, and your reasons for monitoring.

• Limit the number of people with access to network logs, footage or recordings, and make sure they are familiar with the Data Protection laws.

• It is not acceptable to monitor private calls or emails where this involves reviewing content.

• Covert monitoring is almost always considered unacceptable. Exceptions occur when an employer has reasonable grounds to suspect criminal activity.